unix/webapp/drupal_drupalgeddon2:
此模块利用表单API中的Drupal属性注入
平台:PHP、Unix、Linux
Arch:php、cmd、x86、x64
特权:否
许可证:Metasploit Framework许可证(BSD)
排名:优秀
披露日期:2018-03-28
可用目标:
0 Automatic (PHP In-Memory)
1 Automatic (PHP Dropper)
2 Automatic (Unix In-Memory)
3 Automatic (Linux Dropper)
4 Drupal 7.x (PHP In-Memory)
5 Drupal 7.x (PHP Dropper)
6 Drupal 7.x (Unix In-Memory)
7 Drupal 7.x (Linux Dropper)
8 Drupal 8.x (PHP In-Memory)
9 Drupal 8.x (PHP Dropper)
10 Drupal 8.x (Unix In-Memory)
11 Drupal 8.x (Linux Dropper)
说明:
Drupal 6.x, < 7.58, 8.2.x, < 8.3.9, < 8.4.6, 和 < 8.5.1是脆弱的
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/272309.html